<?php

namespace Modules\Admin\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Modules\Admin\Models\AuthRule as AuthRuleModel;
use Modules\Admin\Models\Admin as AdminModel;
use Modules\Admin\Models\OperationLog as OperationLogModel;
use Modules\Admin\Models\AuthGroup as AuthGroupModel;
class AdminAuth
{
    /**
     * Handle an incoming request.
     * php artisan module:make-middleware AdminAuth Admin	
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle(Request $request, Closure $next)
    {
		$admin = Auth::guard("admin")->user();
		if(!$admin){
			return redirect()->guest(route('admin.login.index'))->send();exit();
		}else{  	
			$request_arr = $request->route()->getAction(); 
			$rule_info = AuthRuleModel::where('href',$request_arr['as'])->select('id','auth_open','title','pid')->first();
			$log_arr['url'] = $request->url();
			$log_arr['methods'] = $request->route()->Methods()[0];
			$log_arr['name'] = AuthRuleModel::where('id',$rule_info->pid)->value('title'). '-->' . $rule_info->title;
			$log_arr['ip'] = $request->getClientIp();
			$log_arr['admin_id'] = $admin->id;
			$log_arr['created_at'] = date('Y-m-d H:i:s');
			if($admin->id != 1){ 
				if($rule_info){
					$group_id = AdminModel::where('id',$admin->id)->value('group_id');
					$rules = AuthGroupModel::where('id',$group_id)->value('rules');
					$rule_arr = array_filter(explode('|',$rules));
					if($rule_info->auth_open == 1){
						if(!in_array($rule_info->id,$rule_arr)){
							$as_arr = explode('.',$request_arr['as']);
							if($as_arr['2'] == 'index'){
								$str  = <<<STR
							<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="UTF-8" http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="csrf-token" content="{{ csrf_token() }}">
<title>404-对不起！您访问的页面不存在</title>
<style type="text/css">
.txtbox{margin:100px auto;text-align:center;font-weight:700; font-size:70px;color:#FFFFFF;}
</style>
</head>
<body bgcolor="#494949">
  <div class="txtbox">
	  <span>没有权限</span>
  </div>
</body>
</html>
STR;
$log_arr['status'] = 0;
OperationLogModel::insert($log_arr);

							echo $str;exit();
						}else if(in_array($as_arr['2'],['create','edit','access','create_sublevel'])){
							$url = route($as_arr['0'].'.'.$as_arr['1'].'.index');
							$str  = <<<STR
<!DOCTYPE html>
<html>
<head>
	<meta charset="utf-8">
	<title>没有权限</title>
	<meta name="renderer" content="webkit">
	<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
	<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
	<meta name="apple-mobile-web-app-status-bar-style" content="black">
	<meta name="apple-mobile-web-app-capable" content="yes">
	<meta name="format-detection" content="telephone=no">
	<link rel="stylesheet" href="/admins/plugins/layui/css/layui.css" media="all" />
	<link rel="stylesheet" href="/admins/css/global.css" media="all">
</head>
<body>
	<div class="system-message">
	</div>
	<script type="text/javascript" src="/admins/plugins/layui/layui.js"></script>
	<script type="text/javascript">
		layui.use('layer', function() {
			var layer = layui.layer;
			layer.msg("没有权限", {time: 2000,icon:2},function(){
				location.href = "$url";
			});
		});
	</script>
</body>
</html>
STR;
$log_arr['status'] = 0;
OperationLogModel::insert($log_arr);
				echo $str;exit();
							}else{
								$log_arr['status'] = 0;
								OperationLogModel::insert($log_arr);
								return response()->json([
									'status'=>0,
									'error' => '没有权限',
									'msg' => '',
									'url'=> route($as_arr['0'].'.'.$as_arr['1'].'.index')
								],201);exit();
							}
							
							
						}
					}
				}
				
			}
			 
		}
		OperationLogModel::insert($log_arr);
        return $next($request);
    }
}
